CVEs from 2016
Total
8,459
critical
critical 1,164
high
high 3,521
medium
medium 3,173
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8449 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High bec… | |||
| CVE-2016-8448 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context … | |||
| CVE-2016-8447 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context … | |||
| CVE-2016-8446 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context … | |||
| CVE-2016-8445 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context … | |||
| CVE-2016-8444 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-8435 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-8434 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critic… | |||
| CVE-2016-8415 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8412 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-8399 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated a… | |||
| CVE-2016-8394 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated … | |||
| CVE-2016-8393 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated … | |||
| CVE-2016-8392 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8391 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-6791 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-6788 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the MediaTek I2C driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High b… | |||
| CVE-2016-6785 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-6784 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-6783 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-6782 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-6781 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-6780 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2016-6779 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2016-6778 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2016-6755 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2016-5652 | high | 7.0 | 7.0 | 10y ago | An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code e… | |||
| CVE-2016-10088 | high | 7.0 | 7.0 | 10y ago | The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitra… | |||
| CVE-2016-6787 | high | 7.0 | 7.0 | 10y ago | kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka… | |||
| CVE-2016-6786 | high | 7.0 | 7.0 | 10y ago | kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka… | |||
| CVE-2016-9035 | high | 7.0 | 7.0 | 10y ago | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dea… | |||
| CVE-2016-9034 | high | 7.0 | 7.0 | 10y ago | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dea… | |||
| CVE-2016-9033 | high | 7.0 | 7.0 | 10y ago | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dea… | |||
| CVE-2016-9032 | high | 7.0 | 7.0 | 10y ago | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dea… | |||
| CVE-2016-6717 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malic… | |||
| CVE-2016-2985 | high | 7.0 | 7.0 | 10y ago | IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via craf… | |||
| CVE-2016-2984 | high | 7.0 | 7.0 | 10y ago | IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via craf… | |||
| CVE-2016-5625 | high | 7.0 | 7.0 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging. | |||
| CVE-2016-3890 | high | 7.0 | 7.0 | 10y ago | The Java Debug Wire Protocol (JDWP) implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations… | |||
| CVE-2016-6179 | high | 7.0 | 7.0 | 10y ago | The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60-L11 before H60-L11C00B850, H60-L21 before H60-L21C00B850, H60-L02 before H60-L02C00B850, H60-L12 before … | |||
| CVE-2016-6184 | high | 7.0 | 7.0 | 10y ago | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… | |||
| CVE-2016-6183 | high | 7.0 | 7.0 | 10y ago | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… | |||
| CVE-2016-6182 | high | 7.0 | 7.0 | 10y ago | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… | |||
| CVE-2016-6181 | high | 7.0 | 7.0 | 10y ago | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… | |||
| CVE-2016-6180 | high | 7.0 | 7.0 | 10y ago | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… | |||
| CVE-2016-3319 | high | 7.0 | 7.0 | 10y ago | The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allows remote attackers to execute arbitrary code via a crafted PDF file, aka "… | |||
| CVE-2016-3848 | high | 7.0 | 7.0 | 10y ago | The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28919417. | |||
| CVE-2016-3846 | high | 7.0 | 7.0 | 10y ago | The Serial Peripheral Interface driver in Android before 2016-08-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 28817378. | |||
| CVE-2016-4639 | high | 7.0 | 7.0 | 10y ago | Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors. | |||
| CVE-2016-3584 | high | 7.0 | 7.0 | 10y ago | Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Libadimalloc. | |||
| CVE-2016-3757 | high | 7.0 | 7.0 | 10y ago | The print_maps function in toolbox/lsof.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows user-assisted attackers to gain privileges via a crafte… | |||
| CVE-2016-2867 | high | 7.0 | 7.0 | 10y ago | IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 do not properly implement the runAsUser feature, which allows local users to obtain root group privileges via unspecified vectors. | |||
| CVE-2016-0263 | high | 7.0 | 7.0 | 10y ago | IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapp… | |||
| CVE-2016-1435 | high | 7.0 | 7.0 | 10y ago | Cisco 8800 phones with software 11.0(1) do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014. | |||
| CVE-2016-2462 | high | 7.0 | 7.0 | 10y ago | OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspec… | |||
| CVE-2016-2461 | high | 7.0 | 7.0 | 10y ago | OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspeci… | |||
| CVE-2016-2456 | high | 7.0 | 7.0 | 10y ago | The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27275187. | |||
| CVE-2016-2453 | high | 7.0 | 7.0 | 10y ago | The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27549705. | |||
| CVE-2016-2446 | high | 7.0 | 7.0 | 10y ago | The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354. | |||
| CVE-2016-2445 | high | 7.0 | 7.0 | 10y ago | The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079. | |||
| CVE-2016-2444 | high | 7.0 | 7.0 | 10y ago | The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332. | |||
| CVE-2016-2443 | high | 7.0 | 7.0 | 10y ago | The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 26404525. | |||
| CVE-2016-2442 | high | 7.0 | 7.0 | 10y ago | The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26494907. | |||
| CVE-2016-2441 | high | 7.0 | 7.0 | 10y ago | The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26354602. | |||
| CVE-2016-2059 | high | 7.0 | 7.0 | 10y ago | The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contri… | |||
| CVE-2016-0822 | high | 7.0 | 7.0 | 10y ago | The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324. | |||
| CVE-2016-1252 | medium | 5.9 | 6.9 | 9y ago | The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4~beta2, in Ubuntu 14.04 LTS before 1.0.1ubuntu2.17, in Ubuntu 16.04 LTS before 1.2.15ubuntu0.2, and in Ubuntu 16.10 bef… | |||
| CVE-2016-6883 | medium | 5.9 | 6.9 | 9y ago | MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote attackers to obtain sensitive information via a Bleichenbacher variant attack. | |||
| CVE-2016-6210 | medium | 5.9 | 6.9 | 9y ago | sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enu… | |||
| CVE-2016-5725 | medium | 5.9 | 6.9 | 10y ago | Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch | |||
| CVE-2016-5348 | medium | 5.9 | 6.9 | 10y ago | The GPS component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows man-in-the-middle attackers to cause a denial of service… | |||
| CVE-2016-6512 | medium | 5.9 | 6.9 | 10y ago | epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an overflow check in the tvb_get_guintvar function, which allows remote attackers to cause a denial of service (infinite loop) via a c… | |||
| CVE-2016-6505 | medium | 5.9 | 6.9 | 10y ago | epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and appl… | |||
| CVE-2016-6504 | medium | 5.9 | 6.9 | 10y ago | epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1.12.x before 1.12.13 does not properly maintain a ptvc data structure, which allows remote attackers to cause a denial of service… | |||
| CVE-2016-6503 | medium | 5.9 | 6.9 | 10y ago | The CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windows platforms do not properly interact with Visual C++ compiler options, which allows remote attackers to cause a denial of servic… | |||
| CVE-2016-2107 | medium | 5.9 | 6.9 | 10y ago | The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleart… | |||
| CVE-2016-3447 | medium | 6.9 | 6.9 | 10y ago | Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity … | |||
| CVE-2016-0800 | medium | 5.9 | 6.9 | 10y ago | The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain p… | |||
| CVE-2016-1187 | medium | 6.8 | 6.8 | 9y ago | Cybozu KUNAI for iPhone 2.0.3 through 3.1.5 and for Android 2.1.2 through 3.0.4 does not verify SSL certificates. | |||
| CVE-2016-6338 | medium | 6.8 | 6.8 | 9y ago | ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restric… | |||
| CVE-2016-4031 | medium | 6.8 | 6.8 | 9y ago | Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-… | |||
| CVE-2016-4030 | medium | 6.8 | 6.8 | 9y ago | Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-… | |||
| CVE-2016-7585 | medium | 6.8 | 6.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover… | |||
| CVE-2016-2981 | medium | 6.8 | 6.8 | 9y ago | An undisclosed vulnerability in the CLM applications in IBM Jazz Team Server may allow unauthorized access to user credentials. IBM Reference #: 1999965. | |||
| CVE-2016-7601 | medium | 6.8 | 6.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Local Authentication" component, which does not honor the configured screen-lock time interval … | |||
| CVE-2016-4781 | medium | 6.8 | 6.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "SpringBoard" component, which allows physically proximate attackers to bypass the passcode atte… | |||
| CVE-2016-4690 | medium | 6.8 | 6.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Image Capture" component, which allows attackers to execute arbitrary code via a crafted USB HI… | |||
| CVE-2016-9345 | medium | 6.8 | 6.8 | 9y ago | An issue was discovered in Emerson DeltaV Easy Security Management DeltaV V12.3, DeltaV V12.3.1, and DeltaV V13.3. Critical vulnerabilities may allow a local attacker to elevate privileges within the… | |||
| CVE-2016-9337 | medium | 6.8 | 6.8 | 9y ago | An issue was discovered in Tesla Motors Model S automobile, all firmware versions before version 7.1 (2.36.31) with web browser functionality enabled. The vehicle's Gateway ECU is susceptible to comm… | |||
| CVE-2016-6034 | medium | 6.8 | 6.8 | 10y ago | IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges. | |||
| CVE-2016-8318 | medium | 6.8 | 6.8 | 10y ago | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily ex… | |||
| CVE-2016-4484 | medium | 6.8 | 6.8 | 10y ago | The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password. | |||
| CVE-2016-2312 | medium | 6.8 | 6.8 | 10y ago | Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again. | |||
| CVE-2016-6614 | medium | 6.8 | 6.8 | 10y ago | An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user… | |||
| CVE-2016-3047 | medium | 6.8 | 6.8 | 10y ago | Open redirect vulnerability in IBM FileNet Workplace 4.0.2 through 4.0.2.14 IF001 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecifi… | |||
| CVE-2016-2933 | medium | 6.8 | 6.8 | 10y ago | Directory traversal vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated administrators to read arbitrary files via a crafted request. | |||
| CVE-2016-8633 | medium | 6.8 | 6.8 | 10y ago | drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets. | |||
| CVE-2016-9451 | medium | 6.8 | 6.8 | 10y ago | Drupal Open Redirect | |||
| CVE-2016-5610 | medium | 6.8 | 6.8 | 10y ago | Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability… | |||
| CVE-2016-0204 | medium | 6.8 | 6.8 | 10y ago | Open redirect vulnerability in IBM Cloud Orchestrator 2.4.x before 2.4.0 FP3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified ve… |